I was trying to set up a WCF net-tcp service on a test environment, but kept getting an error saying the certificate could not be found. The problem was down to a slight difference between the test certificates we were using locally, and the certificate we were given for the test environment. We’re using FindBySubjectDistinguishedName in the config.

However, when the certificate subject has multiple parts (i.e. more than just CN), you need to put all of them in the findValue attribute. But how to separate them? I tried several characters – space, comma, semicolon, colon – none worked. The certificate could not be found! Finally I noticed that in the top part of the certificate’s properties window, the values are separated by a comma and a space. Unbelievably, this also applies to the config! How intuitive. So for the “CertName” certificate above, here’s how to reference it in the WCF config:

6 comments so far

You helped me as well. Ironic, isn’t it, when an API tries to be all friendly by letting you use strings and then is secretly picky about how many spaces follow a comma!

ramirborja said: 2012.01.30 08:10

thanks for this.

Rumman said: 2012.06.13 19:17

Thanks, your answer was very helpful. I ran into a problem since the Organization name in the Digital Certificate contained a comma.

For example “O=Acme Systems, Inc.” needs special attention since it contains a comma (,). I had to surround the string with double quotes (“). Since it is an XML document, the way to do this is using the " construct e.g. “CN=Rumman Gaffur, OU=IS, O="Acme System, Inc.", L=Boston, S=MA, C=US”.